I want to have a tomcat server running SSL. I have a shopping cart applet that requires some strong security. Now tomcat gives explicit instructions for implementing this, which includes using OpenSSL to generate a certificate. OpenSSL is a very robust tool-and is open source-but its written in C. Being a java programmer, I'd feel more comfortable making modifications to a java product. Are there any Java based certificate/cryptology products on the market that can be used instead? I would be nice if they were free- like OpenSSL is.
Jamie Young
Ranch Hand
Joined: Jun 19, 2001
Posts: 31
posted
0
import java.io.*; import com.dstc.security.provider.*; import javax.crypto.*; import javax.crypto.Cipher.*; import java.security.*; import javax.servlet.*; import javax.servlet.http.*; import java.security.spec.*; import java.security.interfaces.*; There is a message posted here that contained these included packages. I just thought you might want to look into this to find if one of these packages contains the messages you are looking for
Vladimir Ergovic
Ranch Hand
Joined: Apr 22, 2001
Posts: 63
posted
0
Hi, you have JSSE (Java Secure Socket Extension) you can download it from JavaSoft (I am not sure if it is early access or not). But basicly that is what I used 6 months ago.
Indeed, the JSSE is the appropriate tool for the job. You can get more information at http://java.sun.com/products/jsse/. Current version is 1.02. Note that with 1.4, the JSSE will be integrated. We have examples for using the JSSE in "Professional Java Security" including securing RMI and database connections.
Daniel Somerfield<br />Author of <a href="http://www.amazon.com/exec/obidos/ASIN/1861004257/ref=ase_electricporkchop" target="_blank" rel="nofollow">Professional Java Security</a>
I agree. Here's the link: http://ej-technologies/jprofiler - if it wasn't for jprofiler, we would need to
run our stuff on 16 servers instead of 3.
0
